Veritas Access Installation Guide

Last Published:
Product(s): Access (7.4.1)
Platform: Linux
  1. Introducing Veritas Access
    1.  
      About Veritas Access
  2. Licensing in Veritas Access
    1.  
      About Veritas Access product licensing
  3. System requirements
    1.  
      Important release information
    2. System requirements
      1. Linux requirements
        1.  
          Operating system RPM installation requirements and operating system patching
        2.  
          Kernel RPMs that are required to be installed with exact predefined RPM versions
        3.  
          OL kernel RPMs that are required to be installed with exact predefined RPM versions
        4.  
          Required operating system RPMs for OL 7.4
        5.  
          Required operating system RPMs for RHEL 7.3
        6.  
          Required operating system RPMs for RHEL 7.4
      2.  
        Software requirements for installing Veritas Access in a VMware ESXi environment
      3.  
        Hardware requirements for installing Veritas Access virtual machines
      4.  
        Management Server Web browser support
      5.  
        Supported NetBackup versions
      6.  
        Supported OpenStack versions
      7.  
        Supported Oracle versions and host operating systems
      8.  
        Supported IP version 6 Internet standard protocol
    3. Network and firewall requirements
      1.  
        NetBackup ports
      2.  
        OpenDedup ports and disabling the iptable rules
      3.  
        CIFS protocols and firewall ports
    4.  
      Maximum configuration limits
  4. Preparing to install Veritas Access
    1.  
      Overview of the installation process
    2.  
      Hardware requirements for the nodes
    3.  
      Connecting the network hardware
    4. About obtaining IP addresses
      1.  
        About calculating IP address requirements
      2.  
        Reducing the number of IP addresses required at installation time
    5.  
      About checking the storage configuration
  5. Deploying virtual machines in VMware ESXi for Veritas Access installation
    1.  
      Setting up networking in VMware ESXi
    2.  
      Creating a datastore for the boot disk and LUNs
    3.  
      Creating a virtual machine for Veritas Access installation
  6. Installing and configuring a cluster
    1.  
      Installation overview
    2.  
      Summary of the installation steps
    3.  
      Before you install
    4. Installing the operating system on each node of the cluster
      1.  
        About the driver node
      2.  
        Installing the operating system on the target Veritas Access cluster
      3.  
        Installing the Oracle Linux operating system on the target Veritas Access cluster
    5. Installing Veritas Access on the target cluster nodes
      1.  
        Installing and configuring the Veritas Access software on the cluster
      2.  
        Veritas Access Graphical User Interface
    6. About managing the NICs, bonds, and VLAN devices
      1.  
        Selecting the public NICs
      2.  
        Selecting the private NICs
      3.  
        Excluding a NIC
      4.  
        Including a NIC
      5.  
        Creating a NIC bond
      6.  
        Removing a NIC bond
      7.  
        Removing a NIC from the bond list
    7. About VLAN tagging
      1.  
        Creating a VLAN device
      2.  
        Removing a VLAN device
      3.  
        Limitations of VLAN tagging
    8.  
      Replacing an Ethernet interface card
    9.  
      Configuring I/O fencing
    10.  
      About configuring Veritas NetBackup
    11.  
      About enabling kdump during an Veritas Access configuration
    12.  
      Reconfiguring the Veritas Access cluster name and network
    13.  
      Configuring a KMS server on the Veritas Access cluster
  7. Automating Veritas Access installation and configuration using response files
    1.  
      About response files
    2.  
      Performing a silent Veritas Access installation
    3.  
      Response file variables to install and configure Veritas Access
    4.  
      Sample response file for Veritas Access installation and configuration
  8. Displaying and adding nodes to a cluster
    1.  
      About the Veritas Access installation states and conditions
    2.  
      Displaying the nodes in the cluster
    3.  
      Before adding new nodes in the cluster
    4.  
      Adding a node to the cluster
    5.  
      Adding a node in mixed mode environment
    6.  
      Deleting a node from the cluster
    7.  
      Shutting down the cluster nodes
  9. Upgrading Veritas Access and operating system
    1.  
      Upgrading the operating system and Veritas Access
  10. Upgrading Veritas Access using a rolling upgrade
    1.  
      About the rolling upgrades
    2.  
      Supported rolling upgrade paths for upgrades on RHEL and Oracle Linux
    3.  
      Performing a rolling upgrade using the installer
  11. Uninstalling Veritas Access
    1.  
      Before you uninstall Veritas Access
    2. Uninstalling Veritas Access using the installer
      1.  
        Removing Veritas Access 7.4.1 RPMs
      2.  
        Running uninstall from the Veritas Access 7.4.1 disc
  12. Appendix A. Installation reference
    1.  
      Installation script options
  13. Appendix B. Configuring the secure shell for communications
    1.  
      Manually configuring passwordless SSH
    2.  
      Setting up the SSH and the RSH connections
  14. Appendix C. Manual deployment of Veritas Access
    1.  
      Deploying Veritas Access manually on a two-node cluster in a non-SSH environment
    2.  
      Enabling internal sudo user communication in Veritas Access

Setting up the SSH and the RSH connections

You can use the pwdutil.pl utility to set up the SSH and the RSH connections automatically. This utility can be located at /opt/VRTS/repository/ga/images/SSNAS/7.4.0.0/scripts/pwdutil.pl. 

# ./pwdutil.pl -h
Usage:

Command syntax with simple format:

    pwdutil.pl check|configure|unconfigure ssh|rsh <hostname|IP addr> 
				[<user>] [<password>] [<port>]

Command syntax with advanced format:

    pwdutil.pl [--action|-a 'check|configure|unconfigure']
               [--type|-t 'ssh|rsh']
               [--user|-u  '<user>']
               [--password|-p '<password>']
               [--port|-P '<port>']
               [--hostfile|-f '<hostfile>']
               [--keyfile|-k '<keyfile>']
               [-debug|-d]
               <host_URI>

    pwdutil.pl -h | -?

Table: Options with pwdutil.pl utility

Option

Usage

--action|-a 'check|configure|unconfigure'

Specifies the action type. The default value is 'check'.

--type|-t 'ssh|rsh'

Specifies the connection type. The default value is 'SSH'.

--user|-u '<user>'

Specifies the user ID. The default value is the local user ID.

--password|-p '<password>'

Specifies the user password. The default value is the user ID.

--port|-P '<port>'

Specifies the port number for the SSH connection. The default value is 22.

--keyfile|-k '<keyfile>'

Specifies the private key file.

--hostfile|-f '<hostfile>'

Specifies the file which lists the hosts.

-debug

Prints the debug information.

-h|-?

Prints the help messages.

<host_URI>

Can be in the following formats:

hostname

user:password@hostname

user:password@hostname:

port

You can check, configure, and unconfigure SSH or RSH using the pwdutil.pl utility. For example:

  • To check SSH connection for only one host:

    pwdutil.pl check ssh hostname

  • To configure SSH for only one host:

    pwdutil.pl configure ssh hostname user password

  • To unconfigure RSH for only one host:

    pwdutil.pl unconfigure rsh hostname

  • To configure SSH for multiple hosts with the same user ID and password:

    pwdutil.pl -a configure -t ssh -u user -p password hostname1 
hostname2 hostname3

  • To configure SSH or RSH for different hosts with a different user ID and password:

    pwdutil.pl -a configure -t ssh user1:password1@hostname1
user2:password2@hostname2

  • To check or configure SSH or RSH for multiple hosts with one configuration file:

    pwdutil.pl -a configure -t ssh --hostfile /tmp/sshrsh_hostfile

  • To keep the host configuration file safe, you can use the 3rd-party utility to encrypt and decrypt the host file with password.

    For example:

    ### run openssl to encrypt the host file in base64 format
# openssl aes-256-cbc -a -salt -in /hostfile -out /hostfile.enc
enter aes-256-cbc encryption password: <password>
Verifying - enter aes-256-cbc encryption password: <password>

### remove the original plain text file
# rm /hostfile

### run openssl to decrypt the encrypted host file
# pwdutil.pl -a configure -t ssh 'openssl aes-256-cbc -d -a 
-in /hostfile.enc'
enter aes-256-cbc decryption password: <password>

  • To use the ssh authentication keys that are not under the default $HOME/.ssh directory, you can use --keyfile option to specify the ssh keys. For example:

    ### create a directory to host the key pairs:
# mkdir /keystore

### generate private and public key pair under the directory:
# ssh-keygen -t rsa -f /keystore/id_rsa

### setup ssh connection with the new generated key pair under 
the directory:
# pwdutil.pl -a configure -t ssh --keyfile /keystore/id_rsa 
user:password@hostname

You can see the contents of the configuration file by using the following command:

# cat /tmp/sshrsh_hostfile
user1:password1@hostname1
user2:password2@hostname2
user3:password3@hostname3
user4:password4@hostname4

# all default: check ssh connection with local user
hostname5
The following exit values are returned:

0     Successful completion.
1     Command syntax error.
2     Ssh or rsh binaries do not exist.
3     Ssh or rsh service is down on the remote machine.
4     Ssh or rsh command execution is denied due to password is required.
5     Invalid password is provided.
255   Other unknown error.